pica-vercel-ai-sdk
Warn
Audited by Socket on Feb 28, 2026
1 alert found:
Security (MEDIUM): SKILL.md
The guide correctly explains how to wire PICA's MCP into the Vercel AI SDK, but includes risky operational recommendations: (1) using npx to run @picahq/mcp without advising pinned versions or integrity checks (download-and-execute risk), and (2) spreading the entire process.env into the subprocess, which exposes unrelated secrets to a third-party process. These practices increase supply-chain and credential-exfiltration risk. Remediation: pin or install the MCP package, forward only needed env vars (PICA_SECRET and PATH), run the subprocess with reduced privileges or sandboxing, and monitor/audit subprocess network activity.
Confidence: 98% | Severity: 75%
Audit Metadata